Second stage consultation of social partners on the protection of workers' personal data - Hoofdinhoud
Contents
| Documentdatum | 06-12-2002 |
|---|---|
| Publicatiedatum | 12-08-2009 |
| Kenmerk | 15232/02 |
| Van | Commission |
| Aan | General Secretariat of the Council |
| Externe link | originele PDF |
| Originele document in PDF |  |
COUNCIL OF Brussels, 6 December 2002 (11.12) THE EUROPEAN UNION (OR. fr)
15232/02
SOC 578 ECO 376
TEXT FORWARDED FOR INFORMATION 1
from : Commission
to : General Secretariat of the Council
No. prev. doc. : 12627/01 SOC 374 ECO 271
Subject : Second stage consultation of social partners on the protection of workers' personal data
On 29 October 2002, the Commission adopted a document entitled "Second stage consultation of
social partners on the protection of workers' personal data". The second stage consultation follows
that of the first stage, begun on 27 August 2001.
The purpose of the document, which is attached, is to consult the social partners, in accordance with
Article 138(2) of the EC Treaty, on the possible direction of Community action in this field.
________________________
1 This text was forwarded to the General Secretariat of the Council in English, French and
German only.
EN
ANNEX
Second stage consultation of social partners on the protection
of workers' personal data
I. Introduction
On 27 August 2001 the Commission launched a first stage consultation of the social partners on the protection of workers' personal data. In accordance with Article 138, paragraph 2 of the EC Treaty, the social partners were asked to give their opinion on the possible direction of a Community action in this field.
There are currently, at Community level, two Directives in the field of data protection 1 .
Directive 95/46/EC i concerns the protection of individuals with regard to the processing of personal
data and the free movement of such data; Directive 97/66/EC i 2 concerns the processing of personal
data and the protection of privacy in the telecommunication sector. With one exception, these
Directives do not contain any sector specific provisions on the processing of data in the employment context. Taking this into account, the social partners were asked if, in their opinion, these Directives, as implemented in the Member States, adequately address the protection of workers' personal data. In particular the social partners were asked to consider if it is advisable that the Community takes an initiative in this field focusing notably on the following areas:
• Consent (the question was raised whether consent, as one of the means for legitimising the
processing of data in the above mentioned Directives, was a suitable ground in the employment context)
• Access and processing of medical data in the employment context
• Drug testing and genetic testing in the employment context
• Monitoring and surveillance in the workplace
1 Directive 95/46/EC i of 24.10.1995, OJ L 281 of 23.11.1995, p. 31; Directive 97/66/EC i of
15.12.1997, OJ L 24 of 30.01.1998 p. 1; cf., also, Regulation (EC) N° 45/2001 of 18 December 2000 concerning the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data, OJ L 8 of 12.01.2001, p. 1.
2 This Directive will be repealed and replaced on 31.10.2002 by the recently adopted
EN
The social partners were finally asked what form they thought a Community action should take
(Directive, communication, recommendation, code of practice, guidelines, etc.) and what the main features of such a measure might be.
II. Responses of the social partners to the first stage consultation
There is a widespread consensus among the social partners as regards the importance of the question of personal data processing in the employment context, taking into account notably the socio-economic and technological developments of recent years. This issue affects, evidently, the quality of work as well as the smooth functioning of business. However, there are evident differences among them concerning the need for further action, the direction of such action, its content as well as the appropriate level at which these questions should be tackled.
Certain social partners pointed out that the issues under discussion seem highly complicated and require further investigation and research. They noted that there is an interaction of different elements, such as data protection regulations, labour law and collective agreements.
Following a specific request of the social partners, the Commission commissioned and presented to them two studies on the current situation of workers' personal data protection in the Member States of the European Union, in particular as regards workers' sensitive data as well as the surveillance and monitoring of workers. As regards the substantial issues raised in the Commission's first stage consultation document, there is a clear divergence between the responses of the employers' organisations, on one side, and the workers' organisations, on the other.
The employers' organisations (UNICE, UEAPME, BDI) do not see any need for Community legislation, namely a Directive, on this subject. The existing Community legislation, notably
Directive 95/46/EC i, is considered adequate and sufficient to ensure high quality protection of workers' personal data. Community action is considered, furthermore, premature. It should rather be preceded by the report on the transposition of directive 95/46/EC i as well as by a full and up-to-date analysis of the situation in the Member States. UNICE and UEAPME contest also the Community's added value (promotion of free movement of data and workers within the EU and ensuring a level playing field) from the subsidiarity/proportionality point of view.
Furthermore, all employers' organisations emphasise the merits of flexibility, national diversity as well as the need to avoid overregulation and supplementary burdens on employers.
It is important to note, however, that UNICE and UEAPME stress the need for transparency. In particular, UNICE highlights the need for information and transparency as regards national regulations and speaks in favour of enhancing awareness and exchange of information and best practices.
EN
UNICE favours also non-binding instruments at the national level through the social partners who are better placed to tackle possible problems. UEAPME points out that non-binding measures at the European level, such as a code of conduct along the lines of that established by ILO, could be useful.
On the other side, all employees' organisations ( ETUC, CEC and EUROCADRES), are in favour of a Community directive on this matter.
They stress that the existing EC Directives on personal data protection are useful but not sufficient with regard to the specificity of the employment context. Furthermore, current national legislation implementing the Directives is not totally satisfactory and does not cover all aspects. Taking into account the growing number of employees working for companies established in other Member States, the current impediments to free movement of workers as well as the fundamental right of non-discrimination, a Community initiative is advisable.
This should take the form of a Directive allowing a certain flexibility according to national specificities.
As regards the specific issues focused upon in the Commission's consultation document, there is also obvious divergence between the employers' and the workers' organisations concerning notably the adequacy of the current European and national legislation, the content of any further action as well as the appropriate level at which these questions should be tackled (see attached summary).
III. The position of the Commission
BACKGROUND
The protection of workers' personal data is an increasingly debated issue. In its various aspects, it is currently the subject of active discussions, negotiations, regulations and research at international, European and national levels. This is notably due to the specific nature of the employment relationship as well as to recent socio-economic, organisational and technological changes.
In fact, a great number of activities performed routinely in the employment context entail the processing of personal data of workers, not only for the benefit of the employer but also for the workers' own benefit. Collection of personal data takes place even before the beginning of the employment relationship for the purposes of recruitment; it continues throughout employment and may extend even after its termination. It is legitimised through a number of specific purposes such as compliance with law, ensuring health, safety and security, assisting selection, training and promotion, assessing performance, controlling quality and customer service, verifying entitlement to certain benefits etc.
EN
Current developments in human resources management with the aim to enhance the human capital of companies, in work organisation as well as in the use of information and communication technologies at the workplace have intensified collection of workers' personal data and broadened its range. Automation of personal data processing, generalisation of use of internet and e-mail at the workplace and other technological advances have increased the possibilities and risks of intrusions in workers' fundamental rights, in particular the right to privacy. Marketing of cheaper and more efficient technological devices have facilitated, and are likely to further facilitate, even more such intrusions. An illustrative example is the evolution of the chips for genetic testing. The increasing blurring between working life and private life as well as the development of telework has given rise to new concerns.
In this context, it is important to strike a balance between the workers' fundamental rights, in particular that to privacy, and the employers' legitimate interests. Whilst this appreciation is carried out on a case by case basis, the question is raised whether it is advisable to have a framework of guidelines and rules regulating in a specific way processing of personal data in the employment field.
ANALYSIS
The studies prepared for the Commission mentioned above as well as a series of meetings with experts and other stakeholders permitted an analysis of the existing regulations concerning processing of workers' personal data, on EU, national and international levels, in order to appreciate whether these arrangements provide appropriate protection of workers' fundamental rights and freedoms, and in particular the right to privacy or whether there is a need to further particularise and complement them, with regard to the particular context of the processing: the employment context.
EU initiatives
As it was set out in the Commission's first stage consultation, Directives 95/46/EC i and 97/66/EC, as well as the national data protection laws implementing them, fully apply to workers' personal data. Nevertheless, such legislation is of a general nature and does not, in principle, contain employment sector specific provisions.
Directive 95/46/EC i recognises, notably in recital 68, that its principles may be supplemented or clarified by specific rules based on those principles, in particular as certain sectors are concerned. There is already a precedent, in this sense, namely Directive 97/66/EC i. It is, furthermore, worth
noting that Regulation (EC) N° 45/2001 3 , which applies to the European institutions and bodies, in
transposing the aforementioned principles, specifies and adds to the provisions of the general
Directive 95/46/EC i and the specific Directive 97/66/EC i 4 . Reference should also be made to a
3 See supra footnote 1.
4 Cf., among others, article 27 on prior check as regards notably health data as well as data on
criminal offences, convictions etc.
EN
number of Community directives in the area of health and safety of workers at work, which provide, in certain situations, for specific arrangements as regards health surveillance of the concerned
workers, including provisions on making, up-dating and storing health records 5 .
With regard to Directives 95/46/EC i and 97/66/EC, it is important to stress the work of the Data
Protection Working Party. This Working Party, created by Article 29 of Directive 95/46/EC i, is composed of representatives of the national data protection supervisory authorities. It has adopted, with a view to contributing to the uniform application of the national measures implementing the
aforementioned Directive, an opinion 6 on the processing of personal data in the employment
context.
The Working Party examined also the question of the consent as a legitimising means for the processing of workers' personal data in the employment context. Taking into account the specificity of this sector, it took the view that the extent to which consent can be used in the employment relationship is limited. It stressed that, where as a necessary and unavoidable consequence of the employment relationship an employer has to process personal data, it is misleading if he/she seeks to legitimise this processing through consent. Reliance on consent should be confined to cases where the worker has a genuine free choice and is subsequently able to withdraw the consent without any detriment.
Within its efforts to provide further guidance to the persons concerned, the Working Party adopted a
Working Document on the surveillance of electronic communications in the workplace 7 . This
document, whose scope is limited to internet and e-mail monitoring, acknowledges the existence of some divergences between the Member States' national laws, mainly in areas related to data protection, dealing, on the one hand, with the derogations allowed to the fundamental right to secrecy of correspondence and, on the other hand, the scope and effect of collective representation and co-decision.
Recent developments in Member States
A number of Member States have recognised the need for more detailed rules and included in their data protection laws implementing Directive 95/46/EC i some provisions specifying the data subject's rights and the data controller's obligations in the employment context. These provisions deal, nevertheless, with particular issues and are not comprehensive.
5 Cf., e.g., Directive 89/391/EC i on the introduction of measures to encourage improvements in
the safety and health of workers at work, OJ L 183 of 29.06.1989, p. 1, Directive 98/24/EC i on the protection of the health and safety of workers from the risks related to chemical agents at work, OJ L 131 of 05.05.1998, p. 11.
6 Opinion 8/2001, WP 48 of 13.09.2001. This opinion provides also a useful detailed picture of
the most relevant national and international instruments (it can be found on the Internet in the following address: http://europa.eu.int/comm/internal_market/en/dataprot/wpdocs/index.htm )
7 Working Document of 29.05.2002, WP 55 (it can be found on the Internet in the address cited
in fn 5 above).
EN
The first national legislation in the EU dealing specifically and quite comprehensively with data protection at the workplace is the Finnish Act of May 2001 on protection of privacy in working life. The Finnish competent authorities are currently working to complement this act as regards areas which were not sufficiently covered.
In Sweden, following a recent study, the Committee on protection of personal integrity in working life proposed to the Swedish authorities who had commissioned this study the adoption of specific legislation aiming at protecting workers' personal data.
Furthermore, in some Member States, a number of opinions, recommendations or codes of conduct adopted by Data Protection Supervisory Authorities address, more or less comprehensively, various
aspects of the protection of workers' personal data 8 . In some other Member States, work is envisaged or is under way in this direction 9 .
International initiatives
Following Convention n° 108, the Committee of Ministers of the Council of Europe adopted
Recommendation N° R(89)2 specifically targeted to the protection of personal data used for employment purposes. ILO also adopted in 1996 a Code of Conduct, which dealt, in a
comprehensive way, with protection of workers' personal data 10 .
Following the European Convention on Human Rights and Biomedicine 11 , the Council of Europe is
currently working on a draft Protocol on Human Genetics, which contains a specific section on use of genetic testing in the context of employment.
Interaction with other bodies of law and collective agreements
In addition to data protection law, workers' personal data processing is also regulated in the
Member States, depending on the nature of the data concerned, by legislation in other fields, such as constitutional law, employment law, telecommunications law, etc. There is an interaction between these rules, which varies between Member States.
8 Cf., e.g., Belgium, France, Greece, Netherlands, United Kingdom.
9 Cf., e.g., Germany, Ireland, Portugal.
10 The European framework on protection of workers' personal data outlined below (under
section 4) draws considerably from these precedents.
11 Adopted by the Committee of Ministers of the Council of Europe in November 1996 and
signed in Oviedo in April 1997.
EN
Constitutional and employment principles and rules, such as interpreted and applied by case law, play a significant role in ensuring the protection of workers' personal data. However, principles are, necessarily, of a general character and case law concerns, by its very nature, specific questions and does not cover in a comprehensive way all aspects at issue.
Interaction of laws is not always finely tuned and the absence of clear, consistent and comprehensive rules, is prejudicial to legal certainty and gives rise, is some cases, to controversial situations . An illustrative example is the interaction of data protection rules, rules on secrecy of correspondence and general employment principles as regards controlling by the employer of
Internet and e-mail use by the worker.
Workers' personal data processing is also regulated, according to the particular national traditions and practices, by collective agreements. The significance of these agreements varies in the Member States. There is further scope to explore the possibilities to arrive at more comprehensive, substantial agreements between employers and workers in the area under examination.
Need for EU action
The overview of the situation in the EU outlined above shows that there is a clear trend in the
Member States towards clarification of the general data protection principles in order to apply them in the particular employment context. A similar approach was also taken by other international organisations working in this area. It seems that there is a widely perceived need to take action going beyond the general data protection principles towards establishing a particular framework of employment sector specific rules.
It appears, in fact, that currently in some Member States there exist personal data protection principles of a general nature, which are open to a number of different interpretations in the
employment context 12 . This may lead in some cases to unforeseen results, unclarity and discrepancies between the letter of the law and the practice 13 . In some other Member States, the
12 This holds true especially in view of the specific nature of the employment relationship,
which is characterised by the element of subordination; cf., e.g., the issue of workers' monitoring.
13 As an example, processing of data on criminal convictions by private employers appears to be
prohibited since it does not rely currently on any specific legal basis in Belgium and Sweden, under their national general data protection laws that authorise such processing only by public bodies.
EN
issue of workers' data protection is specifically addressed but not in a comprehensive way 14 .
The present situation prevents employers and workers from being aware of their specific rights and obligations. This is bad both for business and for respect of the fundamental rights and freedoms of the persons concerned.
Several reasons plead in favour of establishing a particular framework of employment sector specific rules: legal clarity and certainty; the need to ensure a more consistent and homogenous application of the rules governing the protection of individuals' fundamental rights and freedoms with regard to the processing of personal data; the specificity of the employment context, which determines the scope and extent of the appropriate protection; recent technological advances and their application at the workplace.
Within this context, the Commission considers advisable that this framework of employment sector specific rules is established at Community level for the following reasons:
– Improvement of working conditions constitutes one of the objectives of the Community, which, under article 137 EC, may take legislative action in order to support and complement the activities of the Member States with a view to achieving this objective. As examples of
such improvement 15 , one may mention the envisaged specific standards relating to drug
testing and genetic testing, notably as regards the legitimacy and quality of this data; the limited role, or exclusion, of consent as a means of legitimising data processing; the obligation of prior check by the national data protection authorities in certain defined cases; the involvement of workers' representatives; the enhanced protection of private e-mail, irrespective whether the work equipment is property of the employer who has prohibited its use for private purposes etc. It should be stressed furthermore that clarity of the rules is an essential element of better regulation; it raises awareness of the rights and obligations and is good for effective compliance;
14 Regulation is fragmentary: As an example, in some Member States, there are regulations as
regards recruitment. In some Member States there are regulations on health data; even in the latter case, there is often a need for further specification in particular as regards drug testing data and genetic data. For an overview of the national legislations, see Opinion 8/2001, cited supra in fn 6.
15 Cf, in this regard, the two aforementioned studies (Section 2 of the present document) on the
current situation of workers' personal data protection in the Member States of the European Union.
EN
– Taking into account the common nature of the challenges which recent developments pose to the effective protection of workers' personal data in the Community, as well as the common
background against which these challenges should be appreciated, notably the fundamental right to privacy in all its various aspects, a European framework of common rules would allow to build a coherent, consistent and comprehensive response on the experiences of different Member States and the Community framework on data protection. At the same time, it would permit to flesh out this framework through appropriate measures on national or enterprise level, having regard to the different national traditions and practices. To delay in meeting a number of current pressing common challenges would imply missing the opportunity of keeping in line with the technological and socio-economic changes, to the
16
detriment of both employers and workers .
– In view of the increasing integration of the European economy and globalisation of the world economy, with a growing number of transnational mergers, take-overs and acquisitions, an increasing number of employees are working for companies or organisations that have establishments or subsidiaries in more than one country. Therefore, for both reasons of efficiency and ensuring a more level playing field, a more consistent protection of workers' personal data throughout the EU is considered necessary.
– The application of the national regulations concerning processing of personal data varies in the Member States, within the general limits established by Directive 95/46/EC i. A European framework of common principles and rules as regards workers' personal data is conducive to the free movement of information within the EU and can facilitate the free movement of
workers within the internal market through ensuring, in a more detailed and specific way, a high level of protection of the workers' fundamental rights and freedoms within the EU.
– Given the general nature of Directive 95/46/EC i, there is a need to develop or promote further specification with regard to the application of its principles in the employment relationship in due consideration of the workers' fundamental rights and freedoms. The EU Charter of
Fundamental Rights provides for the protection of workers' privacy in a number of
17
provisions .
– Lastly, it is also important in view of the enlargement in order to give to the candidate countries a reference framework.
In view of these considerations and having carefully examined the responses of the social partners to the first stage consultation document, the Commission has come to the conclusion that a
European framework of common principles and rules is needed aiming at the protection of workers' personal data while striking a balance between the employers' legitimate interests and the workers' right to privacy.
16 Cf., for example, the ongoing work outside the EU as regards genetic data (USA, Australia,
Switzerland, Council of Europe).
17 See, notably, articles 1, 7,8,21(1), 31(1).
EN
IV. Possible content of a european framework on protection of workers' personal data
A) The Scope and the legal context
As has been stated in the first stage consultation, Directive 95/46/EC i fully applies to workers' personal data. Therefore the principal aim of the European framework will not be to introduce free circulation of personal data within the Community but to apply, specify and complement the principles established by this Directive in the employment context. Where necessary, specific provisions may be added to ensure further protection of workers' data protection and privacy in certain areas in view of the specificity of the employment context.
A certain number of other legal instruments equally cover certain aspects of processing of personal data in the employment context, such as Directive 97/66/EC i. In addition, certain international
Conventions have to be taken into account when considering measures to improve the employment conditions in the Community, such as the European Convention for the protection of Human rights and fundamental freedoms. All these legal instruments form the background to this consultation, but are not the subject of it. The proposals contained in this consultation document are designed in such a way as to be compatible with and complementary to the existing legal framework concerning the protection of personal data. If the main principles of this framework are briefly referred to at the beginning of each item, this is not to extend the consultation on their content but on the contrary to allow the consultation to focus on the specificity of the proposals made to improve the working conditions.
The scope of the European framework should therefore, in the same way as the scope of
Directive 95/46/EC i, cover processing of information of any type, irrespective of the nature of the medium involved, including sound and image. Furthermore, it is important that it covers not only personal data within a current employment relationship but also data collected during the recruitment process or kept, where necessary, after termination of the employment relationship. It should cover, where appropriate, processing carried out not only by employers but also by representatives of workers as well as by employment agencies.
The basic principles could be summarised in the following way:
• The European framework builds on the basic principles of Directive 95/46/EC i (in particular, the
principles of purpose specification and limitation (known also as principle of finality), legitimacy
of processing, proportionality, transparency, accuracy and retention of data, security) and aims,
in principle, at particularising and complementing this Directive as regards protection of personal
data in the employment context.
• The European framework covers all personal data, defined as any information related to an identified or identifiable 'worker', including sound and image data. Such data includes the monitoring of workers through the use of devices such as computers, cameras, video equipment, sound devices, telephones and other communication equipment, various methods of establishing identity and location, or any other method of surveillance.
• It applies to both public and private sectors.
EN
In addition, the scope of the European Framework should cover:
• all manual processing, including not automated processing of data which do not form part of a filing system.
• where appropriate, employment agencies which collect and use personal data in the framework
of their activities and processing of workers' personal data by the representatives of workers.
The term worker should include any current or former worker or job applicant.
B) Involvement of workers' representatives
Important as the individual rights of workers are, taking into account the specificity of the employment context, the effectiveness of their protection relies to a great extent on collective rights regarding involvement of workers' representatives in the processing of workers' personal data.
These rights supplement the worker's individual rights of information/participation. The workers' representatives are designated according to rules provided for by national laws and/or practices.
The scope, method of exercising and content of collective rights vary from one Member State to another. They may imply information, consultation or agreement on a range of issues affecting workers' privacy rights. To the extent that the issues under discussion concern employers' decisions likely to lead to significant changes in work organisation or in contractual relations, they are covered by Directive 2002/14/EC i establishing a general framework for informing and consulting employees in the European Community.
Nevertheless, with a view to ensure legal clarity and to provide comprehensive protection of all workers, whether current, former or job applicants, the European framework under discussion should refer to the need to inform and consult the workers' representatives with a view to reaching an agreement before the introduction or modification of a) automated systems permitting the processing of workers' personal data, b) any technical devices that can be used for monitoring/surveillance of workers at the workplace and c) questionnaires as well as tests of any form including medical, genetic, personality tests used at the stage of recruitment or during employment. The involvement of workers' representatives should also be considered as regards regular evaluation concerning the aforementioned issues.
C) General provisions on processing
The European framework should build on, and thus not repeat, all the basic data protection principles established in Directive 95/46/EC i, and notably the principles contained in article 6 thereof.
EN
Although the principles on data quality, regarding notably the relevance, necessity and proportionality requirements, provide substantial protection to workers, employers still appear to be under the (mistaken) impression that the worker's consent may justify, by itself, collection of, e.g., his/her entire medical or criminal record, regardless of the specific job at issue, or legitimise routine monitoring of all e-mail/Internet use, including private e-mail. It should explicitly be specified, like in the aforementioned Finish Act, that this is not, in principle, the case.
The role consent can play in an employment relationship, as a means legitimising the processing of
workers' personal data, including their transfer to 3 rd countries, is quite controversial, because of the dependant and subordinate situation of the worker 18 .
Furthermore, the European framework should specify that, where there is a legitimate purpose for the collection of personal data, the general principle of fair processing requires in an employment relationship that such data should be obtained, in principle, from the individual worker him (her) self. Should this not be possible, then the worker should, beforehand, give his/her consent. The requirement for prior consent, instead of a mere information of the worker, implies his/her greater involvement in the processing of his/her personal data.
The basic principles, could be summarised in the following way:
• personal data on workers are processed for purposes directly relevant and necessary to the
employment of the worker.
• personal data on workers collected are used in principle only for the purpose for which they were originally collected. They are not processed further in a way incompatible with those purposes.
Within the employment context, it should also be considered whether it is advisable to obtain, in such cases, prior authorisation of the Supervisory Authority.
• personal data must be processed fairly. Within the employment context, this means that personal data should in principle be collected from the individual worker to whom they relate. If it is
necessary to collect personal data from third parties, the worker should be informed in advance and give his/her consent.
• data subjects have the right to access to their data without constraint. Specifically, within the
employment context, employers should not request that job applicants or workers use their right of access to their records (e.g. health or criminal records) in order to supply these to them.
18 Cf., in this regard, e.g., the approaches of Belgium (which prohibited any processing of
sensitive data where such processing is exclusively legitimised through the consent of the worker concerned) and Finland (which clarified in its employment sector specific legislation that, as regards workers' personal data processing, no exceptions shall be permitted to the relevance requirement, even where the worker gives his/her consent). In some other countries, consent may not legitimise processing of certain, specifically defined personal data.
EN
• employers should, for practical reasons 19 , avoid relying on the worker's consent as a means that
legitimises, by itself, processing of his/her personal data but should justify data processing using alternative reasons for legitimacy mentioned in Article 7 of Directive 95/46/EC i, while respecting, in any case, the other general data protection principles and in particular the relevance, necessity and proportionality requirements.
• Personal data must be processed lawfully. Within the employment context, processing of workers' personal data should not have as the purpose or effect to unlawfully discriminate to the detriment of the worker.
• The issue of whether irregularly processed data can be used against the worker concerned, e.g.
before the courts, should be addressed.
• In order to ensure, in practice, compliance with the principles of relevance, necessity and
proportionality, it could be clarified within the employment context that special categories of personal data, such as health data or data on criminal offences, can only be processed as regards the job applicant after he has been selected on the basis of his skills and qualifications at the last stage prior to his/her appointment.
• In application of the security principle to automated processing of personal data, it could be clarified within the employment context which measures should be taken to prevent unauthorised persons' interference. The status, tasks and powers of the authorised persons should also be specified; especially as regards sensitive data, their number should be limited.
D) Special categories of data other than health data
Directive 95/46/EC i singles out special categories of data and provides, in this respect, that processing of the so-called sensitive data concerning racial or ethnic origin, political opinions, religious or philosophical beliefs, sex life or criminal convictions shall be prohibited in view of the risk of discrimination of groups of persons responding to such criteria. It enumerates, further, exceptions to this rule.
The risk of discrimination holds true in particular in the employment context, where processing of the aforementioned categories of workers' personal data may prove to be considerably harmful to the workers concerned.
19 In the employment context, consent will often not be freely given.
EN
However, in respect of anti-discrimination legislation, personal data concerning racial or ethnic origin and religious or other beliefs may exceptionally be processed in some cases, where authorised by national law, in particular where distinction among workers is permitted on the basis
of one of these grounds due to specific occupational requirements or in case of positive action 20 .
Taking into account the nature of the data on criminal convictions, whose processing is likely to present specific risks to the rights and freedoms of the workers concerned, it should be considered whether such processing should be submitted to prior check by the national Supervisory Authority. This is already provided for by the data protection legislation in some Member States.
The basic principles, as regards sensitive data, could be summarised in the following way:
• Processing of personal data related to racial or ethnic origin, political opinions, religious or philosophical beliefs, sex life or criminal convictions is prohibited. They can only be processed in exceptional cases within the limits provided for by law laying down the appropriate
safeguards. Taking into account the application of the principles of purpose specification and limitation, of legitimacy and of proportionality, the following requirements should be specified within the employment context as regards the particular categories of data concerned:
Processing of personal data on:
– sex life should be carried out if necessary in view of employers' responsibilities and liabilities in case of charges of sexual harassment.
– criminal convictions should be carried out, if necessary with a view to the particular nature/functions of the employment at issue, and after prior check by the national supervisory authority taking into account all relevant circumstances. In any case, requesting from a worker his/her criminal record, without specifying which particular criminal convictions are considered relevant in relation to the employment at issue, is prohibited, even with the concerned worker's consent.
– trade union membership should be carried out within the limits provided for by law or by collective agreement where authorised by law providing for appropriate safeguards (e.g. prior consent of the worker concerned or his right to oppose).
– racial or ethnic origin and religious or other beliefs could be carried out, where the law allows different treatment, on the basis of one of those grounds, in particular, in case of particular occupational requirements or in case of positive action.
20 See, in this respect, as regards Community law, notably Directives 2000/43/EC i
and 2000/78/EC.
EN
E) Health data
The processing of health data is in principle prohibited in view of the risk for the privacy of the individuals concerned. Nevertheless, taking into account the fact that the processing of health data is a necessary practice in the employment context, which may often be justified by various legitimate reasons for the benefit of both employers and workers, there are a number of general exceptions to this principle. In view of improving the employment conditions, the European framework should specify the circumstances under which the general exceptions are applicable. This is without prejudice to the application of other general data protection principles.
The basic principles, as regards the health data, could be summarised in the following way:
• Personal data on health should only be processed in the employment context in conformity with rules laid down by law providing for appropriate safeguards.
• It should only be processed in the employment context when necessary a) to determine whether the worker is fit with regard to the essential functions of the particular employment 21 , b) to
comply with the requirements of occupational health and safety or c) to determine entitlement to social benefits.
• Health data should be processed in the employment context only by health-care professionals or
by personnel bound by rules on medical confidentiality equivalent to those incumbent upon
health-care professionals. They should be maintained separately from all other personal data.
• In case of medical examinations, the employer should be informed only of the conclusions
relevant to the particular employment decision (no contra-indication to the job /contra-indication to the job found/adaptations of workplace required).
F) Drug testing data
Drug testing is extremely intrusive to the right to privacy.
Not only the testing method may intrude in the concerned person's privacy but also the results may contain highly sensitive personal data (e.g. revealing pregnancy). Furthermore, drug testing is particularly questionable when it is systematic, generalised or when it is imposed randomly without any specific reason.
21 In this regard, it should be recalled that processing should not result in unlawful
discrimination and that it could be justified in case of positive action, e.g. concerning disability (Cf., as regards Community law, notably Directive 2000/78/EC i).
EN
Drug testing covers not only testing for drugs stricto sensu but also alcohol testing. An important distinction should be made in this regard: positive alcohol testing reveals current impairment at work. By contrast, drug testing, unless technologically sophisticated, is not able to reveal past or present impairment or risk of impairment or addiction; it can only reveal that drugs have been used at some time in the past.
The principal issue raised with regard to drug testing is in what circumstances the intrusions occasioned by such testing are justified.
Employers have a legitimate interest in establishing the individual's fitness/capacity of carrying out safely the essential requirements of the particular employment.
Taking into consideration that drug testing is above all a public health and safety issue, it could be justified in case of voluntary, prevention- treatment- and rehabilitation-programs for workers. In addition to that, it could only be justified in specific circumstances on safety grounds. This is the case, in particular, as regards safety-sensitive jobs, e.g. in the transport sector, where random testing may be justified.
In a more general context, drug testing is unlikely to be justified where there is no reasonable,
"individualised" suspicion that a worker uses drugs posing a substantial threat to safety of coworkers or the public.
Consent should not be used, by itself, as a means to legitimise processing of drug testing data.
Particular attention should also be paid to the need for valid, reliable and accurate testing. Testing should be performed by qualified professionals according to appropriate procedural safeguards. Taking into account their sensitive nature, drug testing results should be treated with due respect to confidentiality.
In the light of the above, the following main elements should be considered in the employment context:
• Drug (including alcohol) testing data should be collected and further processed only for the
purposes of determining whether a worker is fit to carry out his/her particular job in safety with regard to himself and others.
• In order to ensure that drug testing data are collected and further processed fairly, it should be
specified within the employment context that systematic, generalised testing may only be justified as regards particular safety-sensitive jobs. Individual drug testing may be justified where there is a reasonable suspicion that a specific worker uses drugs posing a substantial threat to safety of co-workers or the public.
EN
• Drug testing data can also be collected and processed in the framework of a voluntary
programme aiming to treat drug abuse.
• Drug testing data should be collected and further processed only by qualified health professionals subject to rules on medical confidentiality. Drug testing should be reliable, accurate and subject to rigorous quality control procedures.
G) Genetic testing data
Genetic testing 22 implies a risk of an intrusion in the fundamental rights and freedoms of natural
persons, and in particular their privacy, not only as regards the persons to whom the data relate but also as regards the persons belonging to their family/genetic line. It may reveal susceptibilities and predispositions, which may play a decisive role in the future. Important principles are at stake here, such as the "right not to know" as well as "the right not to have the others know" about health data which belong to the most intimate personal sphere. The psychological strain implications of predictive genetic information, particularly in the case of serious diseases where there is currently no treatment available, should also be taken into consideration.
Here again, a balance should be struck between fundamental rights and interests of the worker concerned (privacy/autonomy), of the employer and the public interest within the society. Genetic data revealing the health situation of an individual deserve more specific protection, compared to
that of health data 23 . The principles set out below describe more precisely the circumstances in and
determine the safeguards under which they may exceptionally be processed. In particular, consent should not be used, by itself, as a means to legitimise processing of drug testing data.
Furthermore, account should be taken of the fact that, according to the current state of the art of biomedicine, in most cases, genes do not entirely determine the development of a disease. Most diseases are in fact multifactorial and their onset depends not only on genes but also on the interaction with environmental and other factors. Genetic information does not give the full picture especially at the individual worker's level.
A further issue concerns the scientific validity and reliability of tests and the resulting data, as well as the professionalism of test providers and interpreters.
Genetic information gives also rise to the risk of discrimination to the detriment of the individual, in particular in the employment sector. In this regard, it should be noted that the EU Charter of
Fundamental rights provides explicitly, in article 21, that "any discrimination based on …..genetic features….. shall be prohibited".
22 Genetic data may include not only data obtained through DNA analysis but also those
obtained through other ways which have been available for years (family history, external observable characteristics).
23 Cf., notably, separate storage of health data, confidentiality as regards communication of data
to employers etc.
EN
The high cost of genetic tests have dissuaded employers, until recently, but technological developments result nowadays in less costly testing. The marketing of such tests and the perspectives are alarming to a number of experts and persons concerned.
On the other hand, it should be taken into account that genetic monitoring may contribute to the protection of the workers' occupational health and safety, particularly as regards workers occupied in high-risk environments.
Considering what has been stated above, the following principles may form a part of the European framework in the employment context:
Processing of predictive genetic data could only be necessary exceptionally for purposes of protecting health and safety of the worker concerned or of third parties, in so far it is authorised by national law providing for appropriate specific safeguards, such as:
– Strict respect of the proportionality principle: There should be no less intrusive means to achieve the desired purpose
– No prejudice should be caused to the aim of improving working conditions at the work environment
– Prior appropriate genetic counselling should be foreseen
– Prior check by a national supervisory authority should be considered. Prior check should take into account the particular circumstances of each case, the quality of the testing, the relevance and reliability of the results and the need for striking a balance among the following elements: the rights of the person concerned; manifestly overriding interests of the society, notably
serious and imminent risks to health and safety of third parties (co-workers, public etc.) in the context of safety-sensitive jobs; the right not to know, in particular in case of serious, non treatable diseases.
H) Monitoring and surveillance
As it has been stated in the first stage consultation document, the monitoring of workers' behaviour and correspondence, is an issue that is currently the subject of some debate.
The regulatory situation in the Member States in this area shows that surveillance and monitoring of workers by their employers is regulated through a number of principles and rules contained in various legal acts, including the constitution, the legislation on employment, data protection, telecommunications, the penal code etc. The interaction of the relevant provisions, so far as their application in the employment context is concerned, is often not clear and the situation is, in some cases, quite controversial.
EN
This situation becomes even more critical taking into account that the traditional monitoring means, such as telephone-tapping and video-surveillance, are increasingly complemented by technologically more advanced and potentially more intrusive means: monitoring through the workers' own work tools such as the PC (e-mail, internet, logging etc.).
The principles of the European framework set out below specify the general data protection
principles of fair and lawful processing, purpose specification and limitation 24 , necessity and proportionality enshrined already in Directive 95/46/EC i 25 . They enhance thus legal security and
have, furthermore, an educative function. This is important, since the consent of the users does not exclude the application of the aforementioned rules on employers' surveillance.
One of the principles concerns the involvement of workers' representatives and reflects the fact that the social partners are well placed, with regard to the existing factual and legal situation and the needs of the particular organisation, to conclude agreements on all questions relevant to surveillance and monitoring at the workplace.
Taking into consideration the above, it is suggested that the following principles form a part of the European framework under discussion in the employment context:
• The workers representatives should be informed and consulted before the introduction, modification or evaluation of any system likely to be used for monitoring/surveillance of workers.
• Prior check by a national Data Protection supervisory authority should be considered.
• Continuous monitoring should be permitted only if necessary for health, safety, security or the
protection of property.
• Secret monitoring should be permitted only in conformity with the safeguards laid down by national legislation or if there is reasonable suspicion of criminal activity or other serious
wrongdoing.
• Personal data collected in order to ensure the security, the control or the proper operation of
processing systems should not be processed to control the behaviour of individual workers except where the latter is linked to the operation of these systems.
• Personal data collected by electronic monitoring should not be the only factors in evaluating
workers' performance and taking decisions in their regard.
24 This gains importance, in view of the increasing indirect ways of workers' surveillance.
25 See, notably, articles 6 and 7 thereof. Art. 8 may be also relevant, to the extent that, e.g., an
e-mail contains sensitive data.
EN
• Notwithstanding particular cases, such as automated monitoring for purposes of security and
proper operation of the system (e.g. viruses), routine monitoring of each individual worker's email or Internet use should be prohibited. Individual monitoring may be carried out where there is reasonable suspicion of criminal activity or serious wrongdoing or misconduct, provided that there are no other less intrusive means to achieve the desired purpose (e.g. objective monitoring of traffic data rather than of the content of e-mails; preventive use of technology etc.)
• Prohibition in principle imposed on the employer as regards opening private e-mail and/or other private files, notably those explicitly indicated as such, irrespective of whether use of the work tools for private purposes was allowed or not by the employer. In particular, private e-mails/files should be treated as private correspondence; secrecy of correspondence should not be able to be waived with a general consent of the worker, in particular upon conclusion of the contract of
employment.
• Communication to occupational health professionals and representatives of workers should receive particular protection.
Questions to the Social Partners
In the light of the above and taking into account the provisions of Article 137(1) EC according to which the Community supports and complements the activities of Member States in the areas cited there, the Commission considers that there is scope for legislative action, in particular through a specific directive on a European framework aiming at personal data protection in the employment context. The Commission strongly hopes that the social partners will decide to undertake the process provided for in article 139 EC, which could lead to a European agreement, on the basis of the framework of aforementioned principles.
In this context, the Commission invites the Social Partners:
• to forward to it an opinion or, where appropriate, a recommendation on the content and scope of the envisaged European framework aiming at the protection of workers' personal data, in
accordance with Article 138, paragraph 3 of the EC Treaty;
• to inform it, where appropriate, of their resolve to undertake the negotiation procedure on the basis of the principles set out in the present document, in accordance with Article 138,
paragraph 4 and Article 139 of the EC Treaty.
______________
EN
ANNEX
SPECIFIC ISSUES FOCUSED UPON IN COMMISSION'S CONSULTATION PAPER
(a) Consent
UNICE: Directive 95/46 i provides for other means/reasons, which may legitimise, the data
processing. Furthermore, European and national regulations ensure non-discrimination of workers.
UEAPME: There is no need for more formal requirements. Relationships between contracting
parties should be governed by trust.
ETUC: The principle of consent is not strong enough to offer adequate protection, due to the weaker position of workers.
CEC: It favours a catalogue of personal data to which employers have no access whatsoever, even with the worker's consent.
EUROCADRES: Consent cannot be used as an excuse in data processing, giving rise to illegal discrimination.
(b) Medical data
UNICE: This issue is dealt with in the Health and Safety directives.
UEAPME: Article 6 of dir. 95/46 is sufficient. Further regulation preferable at national level.
ETUC: The employer should only be informed whether the worker is fit to work or not. No information on further detailed medical data.
EUROCADRES: Processing of such data requires particular attention, due to their sensitivity and the risk of discrimination.
(c) Drug testing data
UNICE: Processing of such data is legitimate for safety reasons.
UEAPME: Article 6 of dir. 95/46 is sufficient. Further regulation preferable at national level
EN
ETUC: There is no need for a compulsory generalised drug testing.
EUROCADRES: Processing of such data requires particular attention, due to their sensitivity and the risk of discrimination.
(d) Genetic data
UNICE: Its regulation is preferable at national level, due to rapid changes in this field.
UEAPME: Article 6 of dir. 95/46 is sufficient. Further regulation is preferable at national level.
ETUC: Absolute prohibition of pre-employment genetic screening. Employers may offer, on a voluntary basis, genetic monitoring, under specific safeguards, including that the results of such monitoring may be only controlled by the worker concerned.
EUROCADRES: Strict prohibition of discrimination based on genetic testing.
(e) Monitoring/surveillance
UNICE: There are legitimate reasons for monitoring/surveillance of workers. Moreover, there are sufficient relevant instruments on national/international level.
UEAPME: This issue differs from the others dealt with above. It should be tackled through collective agreements at company level.
ETUC: It favours a prohibition of permanent, automatic control, notably when it takes place in real time and without previous information of workers.
CEC: It opposes to monitoring of workers' Internet and e-mail use, unless justified on specific grounds. On the other hand, it favours the establishment of company's code concerning private use of Internet and e-mail.
EUROCADRES: It lays particular emphasis on this issue. It requests clear rules and rejects the use of the worker's consent as a means legitimising monitoring. With reference to the ILO Code of Practice (1996) and the Council of Europe Recommendation R (89) 2, it expresses its favour for cooperation (information and consultation) between employers, workers and workers' representatives in this regard.
EN